How to set up a deny list in Amazon Connect using Data Tables.

6 minute read

Content level: Intermediate

Allow agents in Amazon Connect to add numbers to a deny list in real time using only Amazon Connect resources. There is a current re:Post that walk through creating this functionality using DynamoDB, IAM, and multiple Lambda functions (https://repost.aws/knowledge-center/connect-deny-list-numbers). This guide shows how to achieve the same functionality using only native Amazon Connect features (Specifically Data Tables).

Prerequisites

This guide assumes you have:

An Amazon Connect instance.
Basic understanding of Amazon Connect contact flows and Data Tables.
Administrator access to your Amazon Connect instance.
The Security Policy must allow all Data table actions.

Solution Overview

Architecture

The solution uses Amazon Connect's native Data Tables to create and maintain a deny list of numbers. Numbers added to this list will be immediately disconnected when trying to initiate an inbound call to Amazon Connect. There are two sections to this solution:

Check to see if an incoming number is on the deny list before connecting the call to your agents.
When an agent receives a call from a number that needs to be added to the deny list, a quick connect is available to the agent to add the number to the list.

This approach eliminates the need for a DynamoDB table and Lambda functions, reducing complexity and operational overhead.

Implementation Steps

Step 1: Create the Data Table

Log in to your Amazon Connect console.
Navigate to Routing > Data tables.
Click Add new data table.
Configure the table:
- Name: DenyListingTable
- Description: Tracks incoming contact numbers that should be denied from connecting to the instance.
- Select a Time zone (note: this is required when creating a new table).
Add the following attributes:
- ContactNumber (Type: Text, Use as Primary)
- denied (Type: Text)
Click Create.
Click on the (empty text)(Default) under the denied attribute to add a default value.
- Acknowledge the warning regarding primary attributes.
- Set a default value of false to the denied field.

Step 2: Create the Inbound Contact Flow

Create a new contact flow with the following logic:

Flow Structure:

Set logging behavior: Enable flow logging for troubleshooting.
Data Table: Capture the data table value for the incoming contact number.
- Select action: Read from data table
- Select read action: Evaluate Data Table values
- Define data table: Set manually
  - Data table: DenyListingTable (should be visible in the dropdown)
  - Add a query:
    - Query name: onList (this can be anything as long as it is unique in the instance)
    - Primary attributes: Select ContactNumber as the attribute and use the value $.CustomerEndpoint.Address
    - Query attributes: denied (should be visible in the dropdown)
Set contact attributes: Assign the captured value of denied in a User defined variable.
- User defined — Key: deniedContact
- Set manually — Value: $.DataTables.onList.denied
Check contact attributes: Determine if the incoming contact number is set to be denied.
- Attribute to check — User defined: deniedContact
- Add Conditions to check for true and false (case sensitivity matters, so be sure to use the exact values used in the Data Table)
Connect the "= true" branch to a Disconnect block to immediately drop the call. The caller will hear a generic network message related to not being able to connect the call.
The "= false" branch and the "No Match" branch can be connected to the rest of the normal contact flow (i.e., Set working queue followed by a Transfer to queue).

Inbound call flow

Step 3: Create a Transfer to Queue Flow

Create a new contact flow with the following logic. This flow will be assigned to a Quick Connect for the agent to add a number to the deny list.

Flow Structure:

Set logging behavior: Enable flow logging for troubleshooting.
Play Prompt: Inform the agent that they are denying this number.
Data Table: Update the data table with the new number set to denied = true.
- Select action: Write to data table
- Data table: DenyListingTable (should be visible in the dropdown)
  - Click Add a Primary value group: Use Input, Set manually
    - Group name: addNumber (this can be anything as long as it is unique in the instance)
    - Primary attributes: Select ContactNumber as the attribute and use the value $.CustomerEndpoint.Address
    - Click Add Attributes to write: denied (should be visible in the dropdown)
      - Attribute name: denied
      - Set attribute value: true
On the Success branch, add a Play prompt to inform the agent the number was successfully added to the list.
On the Error branch, add a Play prompt to inform the agent that there was an error when trying to add the number to the deny list.
Disconnect.

Transfer to queue flow

Step 4: Create the Quick Connect and Add It to a Queue

Navigate to Routing > Quick connects.
Add a quick connect:
- Type: Queue
- Queue: Select any queue
- Flows: Use the Queue transfer flow created in Step 3
Click Save.
Navigate to the Queue where the quick connect will be used (Routing > Queues).
Edit the queue and add the new quick connect.

Test the Solution

Perform the initial call

Set the Inbound flow to be used by a phone number in the instance.
Call the number.
As this is the first time calling, the call should get routed to the queue.

Add the number to the deny list

Answer the call with an agent.
Initiate the quick connect to add the number to the list.
Disconnect and end the call.

Perform the second call

Call the inbound number again using the same phone.
The call should now be routed directly to the Disconnect block and the caller should hear a generic network message indicating the call cannot be connected.

Advantages of the Native Approach

No external dependencies: Everything runs within Amazon Connect.
Simplified architecture: No Lambda functions or DynamoDB tables to manage.
Reduced costs: No additional AWS service charges.
Easier maintenance: All configuration in one place.
Faster implementation: No code deployment required.
Built-in reliability: Leverages Amazon Connect's infrastructure.

Conclusion

By leveraging Amazon Connect's native data tables, you can implement a deny list without external dependencies. This approach simplifies the architecture, reduces operational complexity, and delivers the same customer experience improvements as custom solutions while being easier to maintain and more cost-effective.

Resources

Topics: Application Integration Business Applications Machine Learning & AI
Tags: Amazon Connect
Language: English

SUPPORT ENGINEER

Brian Malone

published a month ago143 views

No comments

Relevant content

How to Connect Amazon Quick with MCP (Model Context Protocol) – Integrate External Tools & Systems
EXPERT
N_Agarwal
published 11 days ago
How do I automatically redact PII from Amazon Connect call transcripts and recordings using Contact Lens?
EXPERT
Dennis_O
published 7 days ago
How to resolve the 'Failed to delete DataIntegration' error when deleting Amazon Q for Connect data integrations ?
SUPPORT ENGINEER
rajaws
published a year ago
API Permission error: Access denied to read task template list in CCP Softphone for an agent
rePost-User-3560190
asked 4 years ago
is there a way to get All the Real Time Agent Statuses in AWS Connect?
NinjaCoder
asked 4 years ago
How can I combine 3 current Real Time Metric Report to a single report?
Kirk Not Captain
asked 4 months ago
How do I set up a deny list in my Amazon Connect contact center that allows agents to flag numbers in real time?
AWS OFFICIALUpdated 3 years ago
How do I troubleshoot issues with real-time metrics in Amazon Connect?
AWS OFFICIALUpdated 6 months ago
How do I set up extensions for agents to call one another directly in my Amazon Connect contact center?
AWS OFFICIALUpdated a year ago
How do I allow agents in my Amazon Connect contact center to transfer contacts using the CCP?
AWS OFFICIALUpdated 4 years ago